Start of Content Area

Background documentation URL Encoding  Locate the document in its SAP Library structure

The structure of URLs is described in RFC 2396. RFC 1738 also specifies which character set may be used for a URL and how characters not in this set should be encoded.

Only characters from an ASCII character set may be used in a URL (0x00 - 0x7F). The characters 0x00 – 0x1F and 0x7F must be encoded. (The characters 0x00 - 0x1F and 0x7F.) If they must appear in the URL, a ‘%’ (percentage sign) followed by the hexadecimal representation of the character should be used.

Example

A line feed (0x0A) is represented as %0A in a URL.

Unsafe Characters

‘Unsafe’ characters must also be encoded in the way described above. These characters are: space, <, >, ", #, %, {, }, |, \, ^, ~, [, ], ` . These characters are considered unsafe either because they execute special functions in the URL, or because they could be interpreted as special characters during transfer.

Reserved Characters

There are also ‘reserved’ characters: ;, /, ?, :, @, =, &.

Reserved characters must also be encoded.

Transferring Binary Data

Problems can occur if binary data is to be transferred in a URL. This is the case when using the Content Server Interface, since the secKey consists of binary data. The ASCII character set must first be encoded, and Base64 coding is used for this (RFC 1521).

Example

  1. Compiling the URL

    2. http://pswdf009:1080/ContentServer/ContentServer.dll?get&pVersion=0046&contRep=K1&docId=361A524A3ECB5459E0000800099245EC&accessMode=r&authId=pawdf054_BCE_26&expiration=19981104091537

  2. Generating the secKey

    3. The secKey is made up of the encoded parameters. The parameters to be signed are specified in the function definition.

    In this example (get function) the parameters are:

    ContRep = K1
    DocId = 361A524A3ECB5459E0000800099245EC
    AccessMode = r
    AuthId = pawdf054_BCE_26
    Expiration = 19981104091537

    In the next step, the parameter values are summarized to form a message (without separators), in accordance with the sequence in the URL:

    K1361A524A3ECB5459E0000800099245ECrpawdf054_BCE_2619981104091537

    The message is used to form the hash from which the SecKey is calculated. In this example, arbitrary values are chosen for the secKey, for the sake of clarity.

    The secKey has the following values: 0x83, 0x70, 0x21, 0x42.

  3. Encoding the secKey in the ASCII character set

    4. Base64 must always be used to encode the secKey.

    0x83, 0x70, 0x21, 0x42 -> g3AhQg==

  4. Encoding the URL in accordance with URL character set limitations

Characters may need to be encoded, as in this example: That is the case in this example:

g3AhQg== -> g3AhQg%3D%3D

The following URL is generated:

http://pswdf009:1080/ContentServer/ContentServer.dll?get&pVersion=0045&contRep=K1&docId=361A524A3ECB5459E0000800099245EC&accessMode=r&authId=pawdf054_BCE_26&expiration=19981104091537&secKey=g3AhQg%3D%3D

 

 

 End of Content Area